Various methods of accessing an operating system in distributed computer arrangements are known.
In conventional client/server systems, sometimes also called “fat client” systems, a special piece of terminal client software is used on an access computer and essentially permits remote control of a host computer intended to be accessed. In that case, the host computer runs a piece of terminal server software which responds to remote access requests such as file or database requests from the terminal client software for resources of the host computer. Requests are sometimes handled locally on the access computer and sometimes handled remotely on the host computer.
More recently, in what are known as “thin clients” or virtualization solutions, almost all requisite hardware and software components are arranged on the host computer. In that case, the access computer now has only very simplified hardware such as what is known as a zero client chip to display computer outputs transmitted via a local area network and to capture and return user inputs, for example, using the remote desktop protocol (RDP). In contrast, a desired application is executed on the host computer, which also provides the computation power that is necessary for this.
The known methods are also suitable to access functions of an operating system on the host computer from a remote access computer. The need for special hardware or software to set up a connection such as the terminal client software for conventional client/server solutions or the special zero client hardware to access virtualization systems, partially restricts this fundamental mobility again, however. In particular, it is not readily possible to use an extraneous computer such as a computer in an internet cafe or a privately used home computer to access an operating system on a computer at the desk in a company network.
A known approach to a solution involves providing terminal client software or other access software to access an operating system on a host computer via a data network, particularly the internet, for download and executing it on the extraneous computer. However, this approach has a series of disadvantages and security gaps.
First, the provider of the access software normally needs to keep it in various versions for various operating systems of the possible access computers, for example, one version for Mac OS X, one version for Windows XP and a further version for Windows 7. This results both in increased outlay write and provision the software and in an increase in possible sources of error during the use and configuration thereof.
Second, the provider is unable to ensure the environment in which the access software is executed. If the access software is executed under an operating system contaminated with viruses, for example, there is the possibility that data presented or transmitted by the access software are intercepted by a piece of malicious malware and forwarded to third parties or that the malware causes damage on the host computer. Particularly in the case of security-relevant data from company networks, this means an often significant security risk, which means that such options to access an operating system from an extraneous computer are not provided.
It could therefore be helpful to provide an option to securely access an operating system which solves or at least alleviates the programs described. In particular, it could be helpful to provide a method and the software and hardware architecture necessary for implementation thereof which protect such access against attacks by viruses or other malware.